Medium severity5.3NVD Advisory· Published May 8, 2023· Updated Jun 17, 2026
CVE-2023-30019
CVE-2023-30019
Description
imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/imgproxy/imgproxy/v3Go | < 3.15.0 | 3.15.0 |
Affected products
2Patches
Vulnerability mechanics
References
6- breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/nvdExploitPatchThird Party Advisory
- github.com/advisories/GHSA-9x7h-ggc3-xg47ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-30019ghsaADVISORY
- breakandpray.com/cve-2023-30019-ssrf-in-imgproxyghsaWEB
- github.com/imgproxy/imgproxy/blob/ee9e8f0cb101ec22318caffd552a23cc0548d5ce/imagedata/download.goghsaWEB
- github.com/imgproxy/imgproxy/commit/1a9768a2c682e88820064aa3d9a05ea234ff3cc4ghsaWEB
News mentions
0No linked articles in our index yet.